Our IT sent out a test once that was a fake “someone sent you this document on teams” link and I fell for it assuming it was another stupid microsoft workflow for sharing documents. The only reason I didn’t actually hit the log in part that would have got me reported was because I didn’t care enough about whatever it was that was supposedly sent to me.
If it’s not in slack, it doesn’t exist
yeah the only phishing tests that got me were that and an invite to a Teams team because i get added to a new team every week or so lol
I heard once that the reason that those phishing emails are (usually) pretty obvious is because the phisher doesn’t want to accidentally catch a more attentive and careful victim, spend time trying to wire money from them, only for the victim to realize that it’s a scam before following through, therefore wasting the phishers time. The type of person to fall for the Nigerian prince stuff is not common, but they exist and the odds of them paying out are much higher.
I’ve heard that too. But, super-realistic scams exist, so if that’s right it’s just splitting the difference between the two that’s a bad strategy.
It’s mass phishing versus spear phishing. I believe anyone would fall for a highly specific spear phishing campaign from dedicated individuals, but I don’t believe most people are important enough to be victims of it nor do most people need to really do it.
The cost of people to run the scams is also a big factor. If poor quality can actually be an asset, slave labour from Myanmar or similar is going to be very competitive. You can have a small center full of those unfortunate people for the price of one Western cracker to do spear phishing.
Right and the motives are likely going to be different too. Mass phishers are just out to make a quick buck, but targeted phishing could be for money, intelligence, disruption, making a statement, or even just clout.
I get that feeling when I press “report spam” and gmail suggest I “unsubscribe from them”, that that’s exactly what the spammer want, a ping back so they know I’m susceptible, that I’m an engaging fool, and get put on all the lists.
Not sure if emails work the same way, but this is how phone scammers work
If you interact with a phone scammer, send them to hell or do anything at all with them, you just get added to a big lost of people that respond to scam calls and so you get more calls
I try waste as much of their time as possible. It seems I’ve been such a cunt and wasted so much of their time that they have put my number on a blacklist.
That’s what I figured too. Make sure to be the biggest pain for them. Seems dumb to put someone that is savvy and not a rube on a list to be called more. I would think the not answering scam calls would get you more calls because they are unsure of you.
I defiantly got onto the call more list at one point but I kept being the biggest pain in the ass and one day they just stopped completely. I once had these one people on the phone for 6hours straight and went through about 4 transfers in the process. They connected with my VM at one point where I was live developing a fake bank website I had passed through from my host. Did u know u can embed the password game into a website extremely easily and conveniently I needed a password reset and needed help. Yes I stole the idea from kitboga.
It drives me nuts that I can’t turn off the unsubscribe feature entirely. I’ll use their unsubscribe button once, and if it doesn’t work, then all future emails are getting forwarded back to whoever I gave the email address.
Yup. Done that one
